siteguard_lite-custom_signature 0.3.0

checksums.yaml

@@ -0,0 +1,7 @@
+---
+SHA256:
+  metadata.gz: 620a9a897b60fad5a8d1a5c220e77b0fa839ec29ccc7b396b63f855462105829
+  data.tar.gz: 37dd3fcaeacf86b82e579a8c6dd6e92a0faab701f96f5d94a98260bff280bc7d
+SHA512:
+  metadata.gz: 824194ec96956d8aed714a3d3017e4eae3766ab5d7c843c690d9e6a38bb6c3f4bc809a284dff4cece8897cf61336a15627105ed38a9d68fc4ee41a083b849c97
+  data.tar.gz: f62f14b812d333dc7cf91db36efecc4bc6301a55ae8844900c6e49a05d0a6bc6d1c7a29d21da8bcc5227b3d7956f62a08d43fabd2f15756bb15bbb96cff6946d

data/.gitignore

@@ -0,0 +1,12 @@
+/Gemfile.lock
+/.bundle/
+/.yardoc
+/_yardoc/
+/coverage/
+/doc/
+/pkg/
+/spec/reports/
+/tmp/
+
+# rspec failure tracking
+.rspec_status

data/.rspec

@@ -0,0 +1,3 @@
+--format documentation
+--color
+--require spec_helper

data/.travis.yml

@@ -0,0 +1,5 @@
+sudo: false
+language: ruby
+rvm:
+  - 2.5.1
+before_install: gem install bundler -v 1.16.1

data/Gemfile

@@ -0,0 +1,6 @@
+source "https://rubygems.org"
+
+git_source(:github) {|repo_name| "https://github.com/#{repo_name}" }
+
+# Specify your gem's dependencies in siteguard_lite-custom_signature.gemspec
+gemspec

data/LICENSE.txt

@@ -0,0 +1,21 @@
+The MIT License (MIT)
+
+Copyright (c) 2018 GMO Pepabo, Inc.
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in
+all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
+THE SOFTWARE.

data/README.md

@@ -0,0 +1,83 @@
+# SiteguardLite::CustomSignature
+
+このライブラリはSiteGuard Liteのカスタム・シグネチャファイル(`sig_custom.txt`)を扱うためのライブラリです。
+
+このファイルはタブ区切りフォーマットですが、このライブラリではYAMLフォーマットで扱えるようにします。
+
+## Installation
+
+Add this line to your application's Gemfile:
+
+```ruby
+gem 'siteguard_lite-custom_signature'
+```
+
+And then execute:
+
+    $ bundle
+
+Or install it yourself as:
+
+    $ gem install siteguard_lite-custom_signature
+
+## Usage
+
+```ruby
+require 'siteguard_lite/custom_signature'
+
+# Load yaml format (This gem's format)
+rules = SiteguardLite::CustomSignature.load_yaml(File.read('sig_custom.yml'))
+
+# Generate text format (SiteGuard Lite format)
+SiteguardLite::CustomSignature.dump_text(rules)
+
+# Load text format
+rules = SiteguardLite::CustomSignature.load_text(File.read('sig_custom.txt'))
+
+# Generate yaml format
+SiteguardLite::CustomSignature.dump_yaml(rules)
+```
+
+## バリデーション
+
+カスタム・シグネチャファイルには文字数やバイト数の制限を持つ項目があります。`dump_text()`メソッドではこの制限をチェックして違反している場合は例外を投げます。
+
+## 注意
+
+`dump_yaml()`メソッドで生成されるYAMLにはフォーマット上の制限があります。
+
+### 配列のインデント
+
+このgemでは以下のようなYAMLが生成されます。
+
+```yaml
+rules:
+- name: exclude-foo
+  comment: fooを除外する
+```
+
+以下のようにインデントされません。
+
+```yaml
+rules:
+  - name: exclude-foo
+    comment: fooを除外する
+```
+
+### アンカーとエイリアス
+
+YAMLでは`&`と`*`を使ったアンカーとエイリアスを使うと重複した記述を避けることができて便利ですが、生成されるYAMLはそのようになりません。
+
+## Development
+
+After checking out the repo, run `bin/setup` to install dependencies. Then, run `rake spec` to run the tests. You can also run `bin/console` for an interactive prompt that will allow you to experiment.
+
+To install this gem onto your local machine, run `bundle exec rake install`. To release a new version, update the version number in `version.rb`, and then run `bundle exec rake release`, which will create a git tag for the version, push git commits and tags and no pushing the `.gem` file to [rubygems.org](https://rubygems.org).
+
+## Contributing
+
+Bug reports and pull requests are welcome on GitHub at https://github.com/pepabo/siteguard_lite-custom_signature.
+
+## License
+
+The gem is available as open source under the terms of the [MIT License](https://opensource.org/licenses/MIT).

data/Rakefile

@@ -0,0 +1,6 @@
+require "bundler/gem_tasks"
+require "rspec/core/rake_task"
+
+RSpec::Core::RakeTask.new(:spec)
+
+task :default => :spec

data/bin/console

@@ -0,0 +1,14 @@
+#!/usr/bin/env ruby
+
+require "bundler/setup"
+require "siteguard_lite/custom_signature"
+
+# You can add fixtures and/or initialization code here to make experimenting
+# with your gem easier. You can also use a different console, if you like.
+
+# (If you use this, don't forget to add pry to your Gemfile!)
+# require "pry"
+# Pry.start
+
+require "irb"
+IRB.start(__FILE__)

data/bin/setup

@@ -0,0 +1,8 @@
+#!/usr/bin/env bash
+set -euo pipefail
+IFS=$'\n\t'
+set -vx
+
+bundle install
+
+# Do any other automated setup that you need to do here

data/lib/siteguard_lite/custom_signature.rb

@@ -0,0 +1,33 @@
+require "active_model"
+require "yaml"
+
+require "siteguard_lite/custom_signature/version"
+require "siteguard_lite/custom_signature/bytesize_validator"
+require "siteguard_lite/custom_signature/rule"
+require "siteguard_lite/custom_signature/condition"
+require "siteguard_lite/custom_signature/yaml_dumper"
+require "siteguard_lite/custom_signature/yaml_loader"
+require "siteguard_lite/custom_signature/text_dumper"
+require "siteguard_lite/custom_signature/text_loader"
+
+module SiteguardLite
+  module CustomSignature
+    class << self
+      def load_yaml(yaml)
+        YamlLoader.load(yaml)
+      end
+
+      def load_text(text)
+        TextLoader.load(text)
+      end
+
+      def dump_yaml(rules)
+        YamlDumper.dump(rules)
+      end
+
+      def dump_text(rules)
+        TextDumper.dump(rules)
+      end
+    end
+  end
+end

data/lib/siteguard_lite/custom_signature/bytesize_validator.rb

@@ -0,0 +1,7 @@
+class BytesizeValidator < ActiveModel::EachValidator
+  def validate_each(record, attribute, value)
+    if value.bytesize > options[:maximum]
+      record.errors.add(attribute, :too_long, count: options[:maximum])
+    end
+  end
+end

data/lib/siteguard_lite/custom_signature/condition.rb

@@ -0,0 +1,56 @@
+module SiteguardLite
+  module CustomSignature
+    class Condition
+      include ActiveModel::Validations
+
+      attr_reader :key, :value, :comparison_methods
+
+      validates :value, bytesize: { maximum: 1999 }
+
+      def initialize(k, v, comparison_methods)
+        @key = k
+        @value = v
+        @comparison_methods = comparison_methods
+      end
+
+      # siteguardlite-320-0_nginx.pdf, p.52
+      # [有効・無効]<タブ>[動作]<タブ><タブ>[シグネチャ名]<タブ>[検査対象] <タブ>[比較方法]<タブ> [検査文字列]<タブ><タブ>[コメント]
+      def to_text(rule, last: false)
+        validate!
+
+        [
+          rule.enable_str,
+          'NONE',
+          '',
+          rule.name,
+          @key,
+          comparison_str(rule, last),
+          @value,
+          '',
+          rule.comment,
+        ].join("\t")
+      end
+
+      def to_hash
+        {
+          key: @key,
+          value: @value,
+          comparison_methods: @comparison_methods,
+        }
+      end
+
+      private
+
+      def comparison_str(rule, last)
+        if last
+          [
+            @comparison_methods,
+            "#{rule.exclusion_action}(#{rule.signature})"
+          ].flatten.join(',')
+        else
+          @comparison_methods.join(',')
+        end
+      end
+    end
+  end
+end

data/lib/siteguard_lite/custom_signature/rule.rb

@@ -0,0 +1,53 @@
+module SiteguardLite
+  module CustomSignature
+    class Rule
+      include ActiveModel::Validations
+
+      attr_reader :name, :comment, :enable, :conditions
+      attr_accessor :exclusion_action, :signature
+
+      validates :name, bytesize: { maximum: 29 }
+      validates :signature, bytesize: { maximum: 999 }
+
+      def initialize(args)
+        @name = args[:name]
+        @comment = args[:comment]
+        @exclusion_action = args[:exclusion_action]
+        @signature = args[:signature]
+
+        @enable = true
+
+        @conditions = []
+      end
+
+      def add_condition(k, v, comparison_methods)
+        @conditions << SiteguardLite::CustomSignature::Condition.new(k, v, comparison_methods)
+      end
+
+      def enable_str
+        @enable ? 'ON' : 'OFF'
+      end
+
+      def to_text
+        validate!
+
+        texts = []
+        last_idx = @conditions.length - 1
+        @conditions.each_with_index do |condition, idx|
+          texts << condition.to_text(self, last: idx == last_idx)
+        end
+        texts.join("\n")
+      end
+
+      def to_hash
+        {
+          name: @name,
+          comment: @comment,
+          exclusion_action: @exclusion_action,
+          signature: @signature,
+          conditions: @conditions.map { |c| c.to_hash },
+        }
+      end
+    end
+  end
+end

data/lib/siteguard_lite/custom_signature/text_dumper.rb

@@ -0,0 +1,9 @@
+module SiteguardLite
+  module CustomSignature
+    class TextDumper
+      def self.dump(rules)
+        rules.map { |r| r.to_text }.join("\n") + "\n"
+      end
+    end
+  end
+end

data/lib/siteguard_lite/custom_signature/text_line_parser.rb

@@ -0,0 +1,65 @@
+module SiteguardLite
+  module CustomSignature
+    class TextLineParser
+      # siteguardlite-320-0_nginx.pdf, p.52
+      # [有効・無効]<タブ>[動作]<タブ><タブ>[シグネチャ名]<タブ>[検査対象] <タブ>[比較方法]<タブ> [検査文字列]<タブ><タブ>[コメント]
+      def parse(line)
+        fields = line.split("\t")
+        {
+          enable: enable(fields[0]),
+          action: fields[1],
+          name: fields[3],
+          comment: fields[8],
+          exclusion_action: exclusion_action(fields[5]),
+          signature: signature(fields[5]),
+          condition: {
+            key: fields[4],
+            comparison_methods: comparison_methods(fields[5]),
+            value: fields[6],
+          }
+        }
+      end
+
+      private
+
+      def enable(str)
+        str == 'ON'
+      end
+
+      def exclusion_action(comparison_str)
+        parse_comparison_str(comparison_str)[:exclusion_action]
+      end
+
+      def signature(comparison_str)
+        parse_comparison_str(comparison_str)[:signature]
+      end
+
+      def comparison_methods(comparison_str)
+        parse_comparison_str(comparison_str)[:comparison_methods]
+      end
+
+      def parse_comparison_str(str)
+        return @parsed_comarison_str if @parsed_comparison_str
+
+        result = {
+          comparison_methods: [],
+          exclusion_action: nil,
+          signature: nil,
+        }
+
+        # TODO: Make it possible to handle other comparison methods and exclusion actions
+        str.split(',').each do |part|
+          case part
+          when /\AEXCLUDE_OFFICIAL\((.+)\)\z/
+            result[:exclusion_action] = 'EXCLUDE_OFFICIAL'
+            result[:signature] = Regexp.last_match(1)
+          else
+            result[:comparison_methods] << part
+          end
+        end
+
+        @parsed_comarison_str = result
+      end
+    end
+  end
+end

data/lib/siteguard_lite/custom_signature/text_loader.rb

@@ -0,0 +1,41 @@
+require "siteguard_lite/custom_signature/text_line_parser"
+
+module SiteguardLite
+  module CustomSignature
+    class TextLoader
+      def self.load(text)
+        rules = []
+        rule = nil
+
+        line_parser = TextLineParser.new
+        text.split("\n").each do |line|
+          parsed = line_parser.parse(line)
+
+          # collect each line into the rules
+          if rule&.name == parsed[:name]
+            # This is the continuation from the previous line
+            rule.add_condition(*parsed[:condition].fetch_values(:key, :value, :comparison_methods))
+            rule.exclusion_action = parsed[:exclusion_action]
+            rule.signature = parsed[:signature]
+          else
+            # This line is a new rule
+            rules << rule if rule
+            rule = Rule.new(
+              enable: parsed[:enable],
+              action: parsed[:action],
+              name: parsed[:name],
+              comment: parsed[:comment],
+              exclusion_action: parsed[:exclusion_action],
+              signature: parsed[:signature],
+            )
+            rule.add_condition(*parsed[:condition].fetch_values(:key, :value, :comparison_methods))
+          end
+        end
+
+        rules << rule if rule
+
+        rules
+      end
+    end
+  end
+end

data/lib/siteguard_lite/custom_signature/version.rb

@@ -0,0 +1,5 @@
+module SiteguardLite
+  module CustomSignature
+    VERSION = "0.3.0"
+  end
+end

data/lib/siteguard_lite/custom_signature/yaml_dumper.rb

@@ -0,0 +1,13 @@
+require "active_support/core_ext/hash/indifferent_access"
+
+module SiteguardLite
+  module CustomSignature
+    class YamlDumper
+      def self.dump(rules)
+        {
+          rules: rules.map { |r| r.to_hash }
+        }.with_indifferent_access.deep_stringify_keys.to_hash.to_yaml
+      end
+    end
+  end
+end

data/lib/siteguard_lite/custom_signature/yaml_loader.rb

@@ -0,0 +1,23 @@
+module SiteguardLite
+  module CustomSignature
+    class YamlLoader
+      def self.load(yaml)
+        y = ::YAML.load(yaml)
+        rules = []
+        y['rules'].each do |r|
+          rule = SiteguardLite::CustomSignature::Rule.new(
+            name: r['name'],
+            comment: r['comment'],
+            exclusion_action: r['exclusion_action'],
+            signature: r['signature']
+          )
+          r['conditions'].each do |c|
+            rule.add_condition(c['key'], c['value'], c['comparison_methods'])
+          end
+          rules << rule
+        end
+        rules
+      end
+    end
+  end
+end

data/siteguard_lite-custom_signature.gemspec

@@ -0,0 +1,30 @@
+
+lib = File.expand_path("../lib", __FILE__)
+$LOAD_PATH.unshift(lib) unless $LOAD_PATH.include?(lib)
+require "siteguard_lite/custom_signature/version"
+
+Gem::Specification.new do |spec|
+  spec.name          = "siteguard_lite-custom_signature"
+  spec.version       = SiteguardLite::CustomSignature::VERSION
+  spec.authors       = ["Takatoshi Ono"]
+  spec.email         = ["takatoshi.ono@gmail.com"]
+
+  spec.summary       = %q{This library load and dump SiteGuard Lite custom signature file.}
+  spec.description   = %q{This library load and dump SiteGuard Lite custom signature file.}
+  spec.homepage      = "https://github.com/pepabo/siteguard_lite-custom_signature"
+  spec.license       = "MIT"
+
+  spec.files         = `git ls-files -z`.split("\x0").reject do |f|
+    f.match(%r{^(test|spec|features)/})
+  end
+  spec.bindir        = "exe"
+  spec.executables   = spec.files.grep(%r{^exe/}) { |f| File.basename(f) }
+  spec.require_paths = ["lib"]
+
+  spec.add_dependency "activemodel"
+  spec.add_dependency "activesupport"
+
+  spec.add_development_dependency "bundler", "~> 1.16"
+  spec.add_development_dependency "rake", "~> 10.0"
+  spec.add_development_dependency "rspec", "~> 3.0"
+end

metadata

@@ -0,0 +1,134 @@
+--- !ruby/object:Gem::Specification
+name: siteguard_lite-custom_signature
+version: !ruby/object:Gem::Version
+  version: 0.3.0
+platform: ruby
+authors:
+- Takatoshi Ono
+autorequire: 
+bindir: exe
+cert_chain: []
+date: 2018-07-24 00:00:00.000000000 Z
+dependencies:
+- !ruby/object:Gem::Dependency
+  name: activemodel
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: activesupport
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+  type: :runtime
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - ">="
+      - !ruby/object:Gem::Version
+        version: '0'
+- !ruby/object:Gem::Dependency
+  name: bundler
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.16'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '1.16'
+- !ruby/object:Gem::Dependency
+  name: rake
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '10.0'
+- !ruby/object:Gem::Dependency
+  name: rspec
+  requirement: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+  type: :development
+  prerelease: false
+  version_requirements: !ruby/object:Gem::Requirement
+    requirements:
+    - - "~>"
+      - !ruby/object:Gem::Version
+        version: '3.0'
+description: This library load and dump SiteGuard Lite custom signature file.
+email:
+- takatoshi.ono@gmail.com
+executables: []
+extensions: []
+extra_rdoc_files: []
+files:
+- ".gitignore"
+- ".rspec"
+- ".travis.yml"
+- Gemfile
+- LICENSE.txt
+- README.md
+- Rakefile
+- bin/console
+- bin/setup
+- lib/siteguard_lite/custom_signature.rb
+- lib/siteguard_lite/custom_signature/bytesize_validator.rb
+- lib/siteguard_lite/custom_signature/condition.rb
+- lib/siteguard_lite/custom_signature/rule.rb
+- lib/siteguard_lite/custom_signature/text_dumper.rb
+- lib/siteguard_lite/custom_signature/text_line_parser.rb
+- lib/siteguard_lite/custom_signature/text_loader.rb
+- lib/siteguard_lite/custom_signature/version.rb
+- lib/siteguard_lite/custom_signature/yaml_dumper.rb
+- lib/siteguard_lite/custom_signature/yaml_loader.rb
+- siteguard_lite-custom_signature.gemspec
+homepage: https://github.com/pepabo/siteguard_lite-custom_signature
+licenses:
+- MIT
+metadata: {}
+post_install_message: 
+rdoc_options: []
+require_paths:
+- lib
+required_ruby_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+required_rubygems_version: !ruby/object:Gem::Requirement
+  requirements:
+  - - ">="
+    - !ruby/object:Gem::Version
+      version: '0'
+requirements: []
+rubyforge_project: 
+rubygems_version: 2.7.6
+signing_key: 
+specification_version: 4
+summary: This library load and dump SiteGuard Lite custom signature file.
+test_files: []